Search

Rss Posts

Rss Comments

Login

 

Maliciously Crafted MKV Video Files Can Be Used To Crash Android Phones

Jul 30

itwbennett writes: Just days after publication of a flaw in Android’s Stagefright, which could allow attackers to compromise devices with a simple MMS message, researchers have found another Android media processing flaw. The latest vulnerability is located in Android’s mediaserver component, more specifically in how the service handles files that use the Matroska video container (MKV), Trend Micro researchers said. “When the process opens a malformed MKV file, the service may crash (and with it, the rest of the operating system). The vulnerability is caused by an integer overflow when the mediaserver service parses an MKV file. It reads memory out of buffer or writes data to NULL address when parsing audio data.”


Read more of this story at Slashdot.

View source

Comments are closed.